mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-14 19:02:41 +01:00
34c890b7e1
Summary:
Updates this stuff a bit:
- Add a global create permission for OAuth applications. The primary goal is to reduce attack surface area by making it more difficult for an adversary to do anything which requires that they create and configure an OAuth application/client. Normal users shouldn't generally need to create applications, OAuth is complex, and doing things with user accounts is inherently somewhat administrative.
- Use normal policies to check create and edit permissions, now that we have infrastructure for it.
- Use modern UI kit.
Test Plan:
- Created a client.
- Edited a client.
- Tried to create a client as a non-admin.
- Tried to edit a client I don't own.
{F131511}
{F131512}
{F131513}
{F131514}
Reviewers: btrahan
Reviewed By: btrahan
Subscribers: epriestley
Differential Revision: https://secure.phabricator.com/D8562
|
||
|---|---|---|
| .. | ||
| PhabricatorOAuthClientAuthorization.php | ||
| PhabricatorOAuthServerAccessToken.php | ||
| PhabricatorOAuthServerAuthorizationCode.php | ||
| PhabricatorOAuthServerClient.php | ||
| PhabricatorOAuthServerDAO.php | ||